- Instant help with your Developer coding problems

Set X-Content-Type-Options in Apache

Question:
How to set X-Content-Type-Options in Apache?
Answer:
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
</IfModule>
Description:

The X-Content-Type-Options response HTTP header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. This is a way to opt-out of MIME type sniffing, or, in other words, to say that the MIME types are deliberately configured.

Value nosniff blocks a request if the request destination is of type:

  • "style" and the MIME type is not text/css, or
  • "script" and the MIME type is not a JavaScript MIME type

 

Share "How to set X-Content-Type-Options in Apache?"